Deobfuscating Mobile Malware for Identifying Concealed Behaviors
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Lee, Dongho | - |
dc.contributor.author | Jeon, Geochang | - |
dc.contributor.author | Lee, Sunjun | - |
dc.contributor.author | Cho, Haehyun | - |
dc.date.accessioned | 2022-07-28T01:40:07Z | - |
dc.date.available | 2022-07-28T01:40:07Z | - |
dc.date.created | 2022-07-28 | - |
dc.date.issued | 2022-04 | - |
dc.identifier.issn | 1546-2218 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/42419 | - |
dc.description.abstract | The smart phone market is continuously increasing and there are more than 6 billion of smart phone users worldwide with the aid of the 5G technology. Among them Android occupies 87% of the market share. Naturally, the widespread Android smartphones has drawn the attention of the attackers who implement and spread malware. Consequently, currently the number of malware targeting Android mobile phones is ever increasing. Therefore, it is a critical task to find and detect malicious behaviors of malware in a timely manner. However, unfortunately, attackers use a variety of obfuscation techniques for malware to evade or delay detection. When an obfuscation technique such as the class encryption is applied to a malicious application, we cannot obtain any information through a static analysis regarding its malicious behaviors. Hence, we need to rely on the manual, dynamic analysis to find concealed malicious behaviors from obfuscated malware. To avoid malware spreading out in larger scale, we need an automated deobfuscation approach that accurately deobfuscates obfuscated malware so that we can reveal hidden malicious behaviors. In this study, we introduce widely-used obfuscation techniques and propose an effective deobfuscation method, named ARBDroid, for automatically deobfuscating the string encryption, class encryption, and API hiding techniques. Our evaluation results clearly demonstrate that our approach can deobfuscate obfuscated applications based on dynamic analysis results. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | TECH SCIENCE PRESS | - |
dc.relation.isPartOf | CMC-COMPUTERS MATERIALS & CONTINUA | - |
dc.title | Deobfuscating Mobile Malware for Identifying Concealed Behaviors | - |
dc.type | Article | - |
dc.identifier.doi | 10.32604/cmc.2022.026395 | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | CMC-COMPUTERS MATERIALS & CONTINUA, v.72, no.3, pp.5909 - 5923 | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000819835200022 | - |
dc.identifier.scopusid | 2-s2.0-85128690376 | - |
dc.citation.endPage | 5923 | - |
dc.citation.number | 3 | - |
dc.citation.startPage | 5909 | - |
dc.citation.title | CMC-COMPUTERS MATERIALS & CONTINUA | - |
dc.citation.volume | 72 | - |
dc.contributor.affiliatedAuthor | Cho, Haehyun | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | Y | - |
dc.subject.keywordAuthor | Android | - |
dc.subject.keywordAuthor | obfuscation | - |
dc.subject.keywordAuthor | deobfuscation | - |
dc.subject.keywordAuthor | android reversing | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Materials Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Materials Science, Multidisciplinary | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Soongsil University Library 369 Sangdo-Ro, Dongjak-Gu, Seoul, Korea (06978)02-820-0733
COPYRIGHT ⓒ SOONGSIL UNIVERSITY, ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.